org.springframework.cloud:spring-cloud-gateway (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.springframework.cloud:spring-cloud-gateway, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2026-22750 — CVSS 7.5 (high): When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently…
CVE-2021-22051 — CVSS 6.5 (medium): Applications using Spring Cloud Gateway are vulnerable to specifically crafted requests that could make an extra request on downstream…